cylance

ICIT Analysis – Carbanak Threatens Critical Infrastructure: Cybercriminal APTs Merit Significant Investigation and Discussion

Carbanak, currently one of the most effective advanced persistent threats (APTs) active, poses a serious threat to critical infrastructure organizations such as banks, government, and data brokers such as Equifax. The Carbanak APT demonstrates how criminal collectives can adapt, divide, and evolve as their tools, techniques, and procedures advance. In this analysis, entitled “Carbanak Threatens .. read more

Next Generation Defenses for a Hyper Evolving Threat Landscape: An Anthology of ICIT Fellow Essays Volume I

The onslaught of attacks on our Critical Infrastructure sectors by nation state, mercenary, criminal and cyber jihadist APTs is robbing organizations of millions worth of IP and victimizing citizens whose inadequately protect PII is being exfiltrated and used for economic gain or counterintelligence purposes. Organizations must be on the forefront of bleeding-edge cybersecurity technologies and .. read more

ICIT Analysis: How to Crush the Health Sector’s Ransomware Pandemic

The health sector is the most vulnerable, most targeted, and resoundingly least equipped to defend against hackers who are pummeling healthcare organizations with ransomware attacks.   This ransomware epidemic will only become more severe and costly as the infection volume in 2017 will trump infections in 2016. In this post, entitled “How to Crush the .. read more

ICIT Analysis: Hacking Elections is Easy! Part 2: Psst! Wanna Buy a National Voter Database? Hacking E-Voting Systems Was Just the Beginning

The United States election process has been at risk since the widespread adoption of electronic voting (e-voting) systems in 2002-2006. Despite the fact that researchers have spent the past decade demonstrating that Direct Recording Electronic (DRE) and optical scanning systems from every manufacturer are vulnerable along numerous attack vectors, our Nation is still plagued with .. read more

ICIT Brief – Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims

Despite being the most at-risk and perpetually breached critical infrastructure sector in the Nation, virtually all health sector organizations refuse to evolve their layered security to combat a hyper evolving threat landscape. As a result, when a healthcare system is breached and patient records are stolen, the entire brutal impact of the incident that resulted from .. read more

ICIT Brief – The Anatomy of Cyber-Jihad: Cyberspace is the New Great Equalizer

Until now it has been fairly easy to categorize malicious cyber-actors as State Sponsored APT, Hacktivist, Mercenary and Script Kiddie. However, a new threat actor has emerged who uses technological means to bring terror and chaos to our nation and its allies: the Cyber-Jihadist. Cyber-Jihad has quickly arrived on the scene and will only continue .. read more

ICIT Brief: Combatting the Ransomware Blitzkrieg with Endpoint Security

Ransomware, the weaponization of encryption, has struck fear and confusion into the hearts of PC users and critical infrastructure communities alike. While it is impossible for organizations to prevent malware from infecting their networks, those who deploy a multi-layered security strategy and teach proper cybersecurity hygiene to their employees have a strong chance of defending against these .. read more

ICIT Brief: Hacking Healthcare IT in 2016: Lessons the Healthcare Industry can Learn from the OPM Breach

Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers. The goal of these threat actors is to exploit vulnerabilities in insecure and antiquated networks in order to exfiltrate patient data for financial or geopolitical gain. In order to protect patient .. read more

ICIT Senate Briefing: Hacking Hospitals

            On November 19, the Institute for Critical Infrastructure Technology conducted a briefing at the U.S. Senate entitled “Hacking Hospitals” to address the growing threats facing healthcare organizations. During this briefing, senior Senate staffers and attendees from agencies including the Departments of Veterans Affairs, State, Homeland Security, Health and Human .. read more

ICIT Hill Event: “Hacking Hospitals” Briefing @ Senate

“Hacking Hospitals”  The national surge in the number of internet enabled medical devices, electronic health record management systems, mHealth and health information sharing initiatives has increased the attack surface at healthcare organizations and contributed significantly to the increase in successful data breaches at hospitals and insurance companies over the last several years.  Given the current .. read more

Legislative Brief “Moving Forward: How Victims Can Regain Control & Mitigate Threats in the Wake of the OPM Breach”

In June 2015, the Nation learned that the personnel records of 21.5 million United States citizens had been exfiltrated by an unknown adversary from the Office of Personnel Management, one of the largest known breaches in the history of the U.S. Government.  The immediate public outcry included congressional hearings attributing the breach to OPM administrators and .. read more